Lucene search
Veracode Vulnerability DatabaseVERACODE:6154HistoryApr 19, 2018 - 7:44 a.m.
Regular Expression Denial Of Service (ReDoS)
2018-04-1907:44:33
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
EPSS
0.001
Percentile
45.7%
braces is vulnerable to Regular expression Denial of Service (ReDoS). parser.js uses regular expression (^\\{(,+(?:(\\{,+\\})*),*|,*(?:(\\{,+\\})*),+)\\}) to detects empty braces, consuming 10 seconds matching time for data 50K characters long.
Related
ubuntucve
ubuntucve
CVE-2018-1109
2021-03-30 00:00:00
cve
cve
CVE-2018-1109
2021-03-30 02:15:14
osv
osv
Regular Expression Denial of Service (ReDoS) in braces
2022-01-06 20:42:03
debiancve
debiancve
CVE-2018-1109
2021-03-30 02:15:14
cvelist
cvelist
CVE-2018-1109
2021-03-30 01:52:55
redhatcve
redhatcve
CVE-2018-1109
2018-04-18 18:48:54
prion
prion
Design/Logic Flaw
2021-03-30 02:15:00
github
github
Regular Expression Denial of Service (ReDoS) in braces
2022-01-06 20:42:03
nvd
nvd
CVE-2018-1109
2021-03-30 02:15:14
ibm
ibm
redhat
redhat